CN103152171B - 密钥可变的内轮置换流密码加密方法 - Google Patents

密钥可变的内轮置换流密码加密方法 Download PDF

Info

Publication number
CN103152171B
CN103152171B CN201310099408.4A CN201310099408A CN103152171B CN 103152171 B CN103152171 B CN 103152171B CN 201310099408 A CN201310099408 A CN 201310099408A CN 103152171 B CN103152171 B CN 103152171B
Authority
CN
China
Prior art keywords
rsqb
lsqb
circleplus
key
mod
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN201310099408.4A
Other languages
English (en)
Other versions
CN103152171A (zh
Inventor
丁勇
韦永壮
李新国
丁继强
官秀国
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guilin University of Electronic Technology
Original Assignee
Guilin University of Electronic Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guilin University of Electronic Technology filed Critical Guilin University of Electronic Technology
Priority to CN201310099408.4A priority Critical patent/CN103152171B/zh
Publication of CN103152171A publication Critical patent/CN103152171A/zh
Application granted granted Critical
Publication of CN103152171B publication Critical patent/CN103152171B/zh
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Compression, Expansion, Code Conversion, And Decoders (AREA)
  • Lock And Its Accessories (AREA)

Abstract

本发明公开一种密钥可变的内轮置换流密码加密方法,其采用不同的数学运算符,快速实现密钥比特间的混淆性;在密钥流字节的计算中采用“纵向”扩散和“横向”压缩的相结合的比特混合置乱技术;密钥流字节采用多轮“迭代”方法得到,保证算法抵抗攻击;引入固定常量,破坏内轮函数结构,避免滑动攻击;种子密钥和初始向量的长度保证抵抗时空折中攻击;算法的运算符交替出现,分布均匀以抵抗一般的边信道攻击,特别功耗攻击;采用15轮的迭代内部状态具有足够的稳健性,足以抵抗传统的差分攻击;种子密钥长度可以根据安全强度选择;算法简洁、安全性高;各个密钥流块独立生成,特别适合平行计算,软件和硬件容易、快速实现,各种平台实现灵活。

Description

密钥可变的内轮置换流密码加密方法
技术领域
本发明涉及信息安全领域,具体涉及一种密钥可变的内轮置换流密码加密方法。
背景技术
在数据传输过程中,部分敏感数据为了防止攻击者的窃听而需要进行加密处理,使得攻击者只能窃听到密文而无法获得任何有用信息,只用拥有密钥的合法接收者才能解密还原出真实消息。在数据加密算法中,有两大类加密算法。一是分组加密算法,二是流密码加密算法(也称为序列密码)。分组加密算法的加密数据是固定长度的(分成一组一组),而流密码加密算法的加密长度是一个可变范围很大的值。分组密码以一定大小作为每次处理的基本单元,而序列密码则是以一个元素(一个字母或一个比特)作为基本的处理单元。流密码加密算法具有实现简单、便于硬件实施、加解密处理速度快、没有或只有有限的错误传播等特点,因此在实际应用中,特别是专用或机密机构中保持着优势,典型的应用领域包括无线通信和外交通信等。流密码加密算法具体应用环境和模式可见图1。首先消息发送方和接收方通过一个安全信道共享了一个种子密钥k,对于每一比特明文xi,发送方都使用一个流密码加密算法产生相对应的一比特密钥流zi,然后用zi与xi异或掩盖明文而获得密文yi,即消息接收方接收到yi后,使用相同的方法和相同的密钥产生相同的密钥流比特zi,将zi与yi异或后即可恢复出明文xi,即然而传统的流密码加密算法的内部操作不易实现,内部置乱效果不佳,易受到攻击等不足,因此还需要对传统的流密码加密算法进行进一步的改进。
发明内容
本发明所要解决的技术问题是提供一种安全强度高、算法简洁易于实现、并能灵活适用于各种平台的密钥可变的内轮置换流密码加密方法。
为解决上述问题,本发明是通过以下方案实现的:
密钥可变的内轮置换流密码加密方法,包括如下步骤:
(1)内部状态初始化阶段:
(1.1)随机选择3~8个32比特的种子密钥K=(k0,k1,…,k7)和3个32比特的初始向量v=(v0,v1,v2),确定3个32比特的常量值c=(c0,c1,c2);启动2个32比特的计数向量t=(t0,t1);
(1.2)开辟一个512比特的存储器X,该存储器分为16个字,每个字为32比特,即
X = x 0 x 1 x 2 x 3 x 4 x 5 x 6 x 7 x 8 x 9 x 10 x 11 x 12 x 13 x 14 x 15
(1.3)将种子密钥K、初始向量v、计数向量t和常量值c分别注入存储器X中,即令
X = x 0 x 1 x 2 x 3 x 4 x 5 x 6 x 7 x 8 x 9 x 10 x 11 x 12 x 13 x 14 x 15 = k 0 v 1 k 6 c 0 k 5 k 3 c 1 t 1 t 0 c 2 k 1 k 7 v 0 k 4 v 2 k 2 ;
(2)密钥流生成阶段:
(2.1)定义Xr=roundr(X),其中roundr(X)又分为行运算roundodd(X)和列运算roundeven(X);
(2.2)若r为奇数即roundodd(X)的变化规则为:
将存储器X的第一行x=(x0,x1,x2,x3)变化到y=(y0,y1,y2,y3),有:
a0=x0+x3,a3=(x2+a0)<<<3
a2=x1+a3,a1=(x2+a2)<<<17
y 0 = [ x 0 &CirclePlus; ( a 0 + a 1 ) ] < < < [ r mod 8 ]
y 1 = x 1 &CirclePlus; [ ( a 2 + y 0 ) > > > [ r mod 8 ] ]
y 2 = [ x 2 &CirclePlus; ( a 3 + y 1 ) ] < < < 5
y 3 = x 3 &CirclePlus; [ ( a 1 + y 2 ) < < < 23 ] ;
将存储器X的第二行x=(x4,x5,x6,x7)变化到y=(y4,y5,y6,y7),有:
a4=x4+x7,a7=(x6+a4)<<<3
a6=x5+a7,a5=(x6+a6)<<<17
y 4 = [ x 4 &CirclePlus; ( a 4 + a 5 ) ] < < < [ r mod 8 ]
y 5 = x 5 &CirclePlus; [ ( a 6 + y 4 ) > > > [ r mod 8 ] ]
y 6 = [ x 6 &CirclePlus; ( a 7 + y 5 ) ] < < < 5
y 7 = x 7 &CirclePlus; [ ( a 5 + y 6 ) < < < 23 ] ;
将存储器X的第三行x=(x8,x9,x10,x11)变化到y=(y8,y9,y10,y11),有:
a8=x8+x11,a11=(x10+a8)<<<3
a10=x9+a11,a9=(x10+a10)<<<17
y 8 = [ x 8 &CirclePlus; ( a 8 + a 9 ) ] < < < [ r mod 8 ]
y 9 = x 9 &CirclePlus; [ ( a 10 + y 8 ) > > > [ r mod 8 ] ]
y 10 = [ x 10 &CirclePlus; ( a 11 + y 9 ) ] < < < 5
y 11 = x 11 &CirclePlus; [ ( a 9 + y 10 ) < < < 23 ] ;
将存储器X的第四行x=(x12,x13,x14,x15)变化到y=(y12,y13,y14,y15),有:
a12=x12+x15,a15=(x14+a12)<<<3
a14=x13+a15,a13=(x14+a14)<<<17
y 12 = [ x 12 &CirclePlus; ( a 12 + a 13 ) ] < < < [ r mod 8 ]
y 13 = x 13 &CirclePlus; [ ( a 14 + y 12 ) > > > [ r mod 8 ] ]
y 14 = [ x 14 &CirclePlus; ( a 15 + y 13 ) ] < < < 5
y 15 = x 15 &CirclePlus; [ ( a 13 + y 14 ) < < < 23 ] ;
上述,+表示mod232运算,表示mod2运算,<<<表示左循环移位,>>>表示右循环移位;
(2.3)若r为偶数(即roundeven(X))的变化规则为:
将存储器X的第一列x=(x0,x4,x8,x12)变化到y=(y0,y4,y8,y12),有:
a0=x0+x12,a3=(x8+a0)<<<3
a2=x4+a3,a1=(x8+a2)<<<17
y 0 = [ x 0 &CirclePlus; ( a 0 + a 1 ) ] < < < [ r mod 8 ]
y 4 = x 4 &CirclePlus; [ ( a 2 + y 0 ) > > > [ r mod 8 ] ]
y 8 = [ x 8 &CirclePlus; ( a 3 + y 4 ) ] < < < 5
y 12 = x 12 &CirclePlus; [ ( a 1 + y 8 ) < < < 23 ] ;
将存储器X的第二列x=(x1,x5,x9,x13)变化到y=(y1,y5,y9,y13),有:
a4=x1+x13,a7=(x9+a4)<<<3
a6=x5+a7,a5=(x9+a6)<<<17
y 1 = x 1 &CirclePlus; [ ( a 4 + y 5 ) < < < [ r mod 8 ] ]
y 5 = x 5 &CirclePlus; [ ( a 6 + y 1 ) > > > [ r mod 8 ] ]
y 9 = [ x 9 &CirclePlus; ( a 7 + y 5 ) ] < < < 5
y 13 = x 13 &CirclePlus; [ ( a 5 + y 9 ) < < < 23 ] ;
将存储器X的第三列x=(x2,x6,x10,x14)变化到y=(y2,y6,y10,y14),有:
a8=x2+x14,a11=(x10+a8)<<<3
a10=x6+a11,a9=(x10+a10)<<<17
y 2 = [ x 2 &CirclePlus; ( a 8 + a 9 ) ] < < < [ r mod 8 ]
y 6 = x 6 &CirclePlus; [ ( a 10 + y 2 ) > > > [ r mod 8 ] ]
y 10 = [ x 10 &CirclePlus; ( a 11 + y 6 ) ] < < < 5
y 14 = x 14 &CirclePlus; [ ( a 9 + y 10 ) < < < 23 ] ;
将存储器X的第四列x=(x3,x7,x11,x15)变化到y=(y3,y7,y11,y15),有:
a12=x3+x15,a15=(x11+a12)<<<3
a14=x7+a15,a13=(x11+a14)<<<17
y 3 = [ x 3 &CirclePlus; ( a 12 + a 13 ) ] < < < [ r mod 8 ]
y 7 = x 7 &CirclePlus; [ ( a 14 + y 3 ) > > > [ r mod 8 ] ] ;
y 11 = [ x 11 &CirclePlus; ( a 15 + y 13 ) ] < < < 5
y 15 = x 15 &CirclePlus; [ ( a 13 + y 11 ) < < < 23 ]
(2.4)根据步骤(2.2)和(2.3)所述变化规则计算X=round(X),X7=round7(X)和X15=round15(X),并输出计数向量t=(t0,t1)为t时的密钥流Z(t)=X+X7+X15
(2.5)将计数向量t=(t0,t1)更新为t+1,此时存储器X的状态更新为X1,重复步骤(2.1)~(2.4),即可获得计数向量t=(t0,t1)为t+1时的密钥流Z(t+1)=X1+X1 7+X1 15
将计数向量t=(t0,t1)更新为t+2,此时存储器X的状态更新为X2,重复步骤(2.1)~(2.4),即可获得计数向量t=(t0,t1)为t+2时的密钥流Z(t+2)=X2+X2 7+X2 15
如此反复循环;
直至将计数向量t=(t0,t1)更新为t+n,其中n为所需的密钥流个数,此时存储器X的状态更新为Xn,重复步骤(2.1)~(2.4),即可获得计数向量t=(t0,t1)为t+n时的密钥流Z(t+n)=Xn+Xn 7+Xn 15
(3)加密阶段:其中Yi为获得的密文,Xi为待加密的明文,Zi为密钥流。
上述步骤(1.1)中,
所述种子密钥K=(k0,k1,…,k7)为3×32比特时,则种子密钥K=(k0,k1,…,k7)随机选取前面3个字,余下的5个字则固定为全“0”或全“1”;
所述种子密钥K=(k0,k1,…,k7)为4×32比特时,则种子密钥K=(k0,k1,…,k7)随机选取前面4个字,余下的4个字则固定为全“0”或全“1”;
种子密钥K=(k0,k1,…,k7)为5×32比特时,则种子密钥K=(k0,k1,…,k7)随机选取前面5个字,余下的3个字则固定为全“0”或全“1”;
种子密钥K=(k0,k1,…,k7)为6×32比特时,则种子密钥K=(k0,k1,…,k7)随机选取前面6个字,余下的2个字则固定为全“0”或全“1”;
种子密钥K=(k0,k1,…,k7)为7×32比特时,则种子密钥K=(k0,k1,…,k7)随机选取前面7个字,余下的1个字则固定为全“0”或全“1”;
种子密钥K=(k0,k1,…,k7)为8×32比特时,则种子密钥K=(k0,k1,…,k7)随机选取这8个字。
上述步骤(2.5)中,输出的密钥流个数即n<264个。
上述步骤(1.1)中,常量值c=(c0,c1,c2)为固定常数,且用16进制表示为c0=6672082A,c1=B39E6F35,c2=D9D3B52C。
与现有技术相比,本发明具有如下特点:
(1)采用不同的数学运算符,特别是mod232运算和移位,快速实现密钥比特间的混淆性;
(2)在密钥流字节的计算中采用“纵向”扩散和“横向”压缩的相结合的比特混合置乱技术;
(3)密钥流字节采用多轮“迭代”方法得到,保证算法抵抗平凡的统计攻击、强攻击、一般猜测攻击等等;
(4)引入固定常量,破坏内轮函数结构,避免滑动攻击;
(5)种子密钥和初始向量的长度保证抵抗时空折中攻击;
(6)算法的运算符交替出现,分布均匀以抵抗一般的边信道攻击,特别功耗攻击;
(7)采用15轮的“迭代”内部状态具有足够的稳健性,足以抵抗传统的差分攻击;
(8)种子密钥长度可以根据安全强度选择;
(9)算法简洁、安全性高;
(10)各个密钥流块独立生成,特别适合平行计算,软件和硬件容易、快速实现,各种平台实现灵活。
附图说明
图1为流密码加密方法使用示意图。
具体实施方式
一种密钥可变的内轮置换流密码加密方法,包括如下步骤:
(1)内部状态初始化阶段:
(1.1)随机选择3~8个32比特的种子密钥K=(k0,k1,…,k7)和3个32比特的初始向量v=(v0,v1,v2),确定3个32比特的常量值c=(c0,c1,c2);启动2个32比特的计数向量t=(t0,t1)。
所述种子密钥K=(k0,k1,…,k7)为3×32比特时,则种子密钥K=(k0,k1,…,k7)随机选取前面3个字即k0,k1,k2,余下的5个字即k3,k4,k5,k6,k7则固定为全零或全1字;
所述种子密钥K=(k0,k1,…,k7)为4×32比特时,则种子密钥K=(k0,k1,…,k7)随机选取前面4个字即k0,k1,k2,k3,余下的4个字即k4,k5,k6,k7则固定为全零或全1字;
种子密钥K=(k0,k1,…,k7)为5×32比特时,则种子密钥K=(k0,k1,…,k7)随机选取前面5个字即k0,k1,k2,k3,k4,余下的3个字即k5,k6,k7则固定为全零或全1字;
种子密钥K=(k0,k1,…,k7)为6×32比特时,则种子密钥K=(k0,k1,…,k7)随机选取前面6个字即k0,k1,k2,k3,k4,k5,余下的2个字即k6,k7则固定为全零或全1字;
种子密钥K=(k0,k1,…,k7)为7×32比特时,则种子密钥K=(k0,k1,…,k7)随机选取前面7个字即k0,k1,k2,k3,k4,k5,k6,余下的1个字即k7则固定为全零或全1字;
种子密钥K=(k0,k1,…,k7)为8×32比特时,则种子密钥K=(k0,k1,…,k7)随机选取这8个字即k0,k1,k2,k3,k4,k5,k6,k7
所述常量值c=(c0,c1,c2)为固定常数,且用16进制表示为c0=6672082A,c1=B39E6F35,c2=D9D3B52C。
(1.2)开辟一个512比特的存储器X,该存储器分为16个字,每个字为32比特,即
X = x 0 x 1 x 2 x 3 x 4 x 5 x 6 x 7 x 8 x 9 x 10 x 11 x 12 x 13 x 14 x 15
(1.3)将种子密钥K、初始向量v、计数向量t和常量值c分别注入存储器X中,即令
X = x 0 x 1 x 2 x 3 x 4 x 5 x 6 x 7 x 8 x 9 x 10 x 11 x 12 x 13 x 14 x 15 = k 0 v 1 k 6 c 0 k 5 k 3 c 1 t 1 t 0 c 2 k 1 k 7 v 0 k 4 v 2 k 2 .
(2)密钥流生成阶段:
(2.1)定义Xr=roundr(X),其中roundr(X)又分为行运算roundodd(X)和列运算roundeven(X)。
(2.2)若r为奇数即roundodd(X)的变化规则为:
将存储器X的第一行x=(x0,x1,x2,x3)变化到y=(y0,y1,y2,y3),有:
a0=x0+x3,a3=(x2+a0)<<<3
a2=x1+a3,a1=(x2+a2)<<<17
y 0 = [ x 0 &CirclePlus; ( a 0 + a 1 ) ] < < < [ r mod 8 ]
y 1 = x 1 &CirclePlus; [ ( a 2 + y 0 ) > > > [ r mod 8 ] ]
y 2 = [ x 2 &CirclePlus; ( a 3 + y 1 ) ] < < < 5
y 3 = x 3 &CirclePlus; [ ( a 1 + y 2 ) < < < 23 ] ;
将存储器X的第二行x=(x4,x5,x6,x7)变化到y=(y4,y5,y6,y7),有:
a4=x4+x7,a7=(x6+a4)<<<3
a6=x5+a7,a5=(x6+a6)<<<17
y 4 = [ x 4 &CirclePlus; ( a 4 + a 5 ) ] < < < [ r mod 8 ]
y 5 = x 5 &CirclePlus; [ ( a 6 + y 4 ) > > > [ r mod 8 ] ]
y 6 = [ x 6 &CirclePlus; ( a 7 + y 5 ) ] < < < 5
y 7 = x 7 &CirclePlus; [ ( a 5 + y 6 ) < < < 23 ] ;
将存储器X的第三行x=(x8,x9,x10,x11)变化到y=(y8,y9,y10,y11),有:
a8=x8+x11,a11=(x10+a8)<<<3
a10=x9+a11,a9=(x10+a10)<<<17
y 8 = [ x 8 &CirclePlus; ( a 8 + a 9 ) ] < < < [ r mod 8 ]
y 9 = x 9 &CirclePlus; [ ( a 10 + y 8 ) > > > [ r mod 8 ] ]
y 10 = [ x 10 &CirclePlus; ( a 11 + y 9 ) ] < < < 5
y 11 = x 11 &CirclePlus; [ ( a 9 + y 10 ) < < < 23 ] ;
将存储器X的第四行x=(x12,x13,x14,x15)变化到y=(y12,y13,y14,y15),有:
a12=x12+x15,a15=(x14+a12)<<<3
a14=x13+a15,a13=(x14+a14)<<<17
y 12 = [ x 12 &CirclePlus; ( a 12 + a 13 ) ] < < < [ r mod 8 ]
y 13 = x 13 &CirclePlus; [ ( a 14 + y 12 ) > > > [ r mod 8 ] ]
y 14 = [ x 14 &CirclePlus; ( a 15 + y 13 ) ] < < < 5
y 15 = x 15 &CirclePlus; [ ( a 13 + y 14 ) < < < 23 ] ;
上述,+表示mod232运算,表示mod2运算,<<<表示左循环移位,>>>表示右循环移位。
(2.3)若r为偶数即roundeven(X)的变化规则为:
将存储器X的第一列x=(x0,x4,x8,x12)变化到y=(y0,y4,y8,y12),有:
a0=x0+x12,a3=(x8+a0)<<<3
a2=x4+a3,a1=(x8+a2)<<<17
y 0 = [ x 0 &CirclePlus; ( a 0 + a 1 ) ] < < < [ r mod 8 ]
y 4 = x 4 &CirclePlus; [ ( a 2 + y 0 ) > > > [ r mod 8 ] ]
y 8 = [ x 8 &CirclePlus; ( a 3 + y 4 ) ] < < < 5
y 12 = x 12 &CirclePlus; [ ( a 1 + y 8 ) < < < 23 ] ;
将存储器X的第二列x=(x1,x5,x9,x13)变化到y=(y1,y5,y9,y13),有:
a4=x1+x13,a7=(x9+a4)<<<3
a6=x5+a7,a5=(x9+a6)<<<17
y 1 = [ x 1 &CirclePlus; ( a 4 + a 5 ) ] < < < [ r mod 8 ]
y 5 = x 5 &CirclePlus; [ ( a 6 + y 1 ) > > > [ r mod 8 ] ]
y 9 = [ x 9 &CirclePlus; ( a 7 + y 5 ) ] < < < 5
y 13 = x 13 &CirclePlus; [ ( a 5 + y 9 ) < < < 23 ] ;
将存储器X的第三列x=(x2,x6,x10,x14)变化到y=(y2,y6,y10,y14),有:
a8=x2+x14,a11=(x10+a8)<<<3
a10=x6+a11,a9=(x10+a10)<<<17
y 2 = [ x 2 &CirclePlus; ( a 8 + a 9 ) ] < < < [ r mod 8 ]
y 6 = x 6 &CirclePlus; [ ( a 10 + y 2 ) > > > [ r mod 8 ] ]
y 10 = [ x 10 &CirclePlus; ( a 11 + y 6 ) ] < < < 5
y 14 = x 14 &CirclePlus; [ ( a 9 + y 10 ) < < < 23 ] ;
将存储器X的第四列x=(x3,x7,x11,x15)变化到y=(y3,y7,y11,y15),有:
a12=x3+x15,a15=(x11+a12)<<<3
a14=x7+a15,a13=(x11+a14)<<<17
y 3 = [ x 3 &CirclePlus; ( a 12 + a 13 ) ] < < < [ r mod 8 ]
y 7 = x 7 &CirclePlus; [ ( a 14 + y 3 ) > > > [ r mod 8 ] ] .
y 11 = [ x 11 &CirclePlus; ( a 15 + y 13 ) ] < < < 5
y 15 = x 15 &CirclePlus; [ ( a 13 + y 11 ) < < < 23 ]
(2.4)根据步骤(2.2)和(2.3)所述变化规则计算X=round(X),X7=round7(X)和X15=round15(X),并输出计数向量t=(t0,t1)为t时的密钥流Z(t)=X+X7+X15
(2.5)将计数向量t=(t0,t1)更新为t+1,此时存储器X的状态更新为X1,重复步骤(2.1)~(2.4),即可获得计数向量t=(t0,t1)为t+1时的密钥流Z(t+1)=X1+X1 7+X1 15
将计数向量t=(t0,t1)更新为t+2,此时存储器X的状态更新为X2,重复步骤(2.1)~(2.4),即可获得计数向量t=(t0,t1)为t+2时的密钥流Z(t+2)=X2+X2 7+X2 15
如此反复循环;
直至将计数向量t=(t0,t1)更新为t+n,其中n为所需的密钥流个数,此时存储器X的状态更新为Xn,重复步骤(2.1)~(2.4),即可获得计数向量t=(t0,t1)为t+n时的密钥流Z(t+n)=Xn+Xn 7+Xn 15
在本实施例中,输出的密钥流个数即n<264个。
(3)加密阶段:其中Yi为获得的密文,Xi为待加密的明文,Zi为密钥流。该加密阶段与现有技术相同,参见图1。

Claims (2)

1.密钥可变的内轮置换流密码加密方法,其特征是包括如下步骤:
(1)内部状态初始化阶段:
(1.1)随机选择3~8个32比特的种子密钥K=(k0,k1,…,k7)和3个32比特的初始向量v=(v0,v1,v2),确定3个32比特的常量值c=(c0,c1,c2);启动2个32比特的计数向量t=(t0,t1);
当所述种子密钥K=(k0,k1,…,k7)为3×32比特时,则种子密钥K=(k0,k1,…,k7)随机选取前面3个字,余下的5个字则固定为全“0”或全“1”;
当所述种子密钥K=(k0,k1,…,k7)为4×32比特时,则种子密钥K=(k0,k1,…,k7)随机选取前面4个字,余下的4个字则固定为全“0”或全“1”;
当种子密钥K=(k0,k1,…,k7)为5×32比特时,则种子密钥K=(k0,k1,…,k7)随机选取前面5个字,余下的3个字则固定为全“0”或全“1”;
当种子密钥K=(k0,k1,…,k7)为6×32比特时,则种子密钥K=(k0,k1,…,k7)随机选取前面6个字,余下的2个字则固定为全“0”或全“1”;
当种子密钥K=(k0,k1,…,k7)为7×32比特时,则种子密钥K=(k0,k1,…,k7)随机选取前面7个字,余下的1个字则固定为全“0”或全“1”;
当种子密钥K=(k0,k1,…,k7)为8×32比特时,则种子密钥K=(k0,k1,…,k7)随机选取这8个字;
所述常量值c=(c0,c1,c2)为固定常数,且用16进制表示为c0=6672082A,c1=B39E6F35,c2=D9D3B52C;
(1.2)开辟一个512比特的存储器X,该存储器分为16个字,每个字为32比特,即
X = x 0 x 1 x 2 x 3 x 4 x 5 x 6 x 7 x 8 x 9 x 10 x 11 x 12 x 13 x 14 x 15 ;
(1.3)将种子密钥K、初始向量v、计数向量t和常量值c分别注入存储器X中,即令
X = x 0 x 1 x 2 x 3 x 4 x 5 x 6 x 7 x 8 x 9 x 10 x 11 x 12 x 13 x 14 x 15 = k 0 v 1 k 6 c 0 k 5 k 3 c 1 t 1 t 0 c 2 k 1 k 7 v 0 k 4 v 2 k 2 ;
(2)密钥流生成阶段:
(2.1)定义Xr=roundr(X),其中roundr(X)又分为行运算roundodd(X)和列运算roundeven(X);
(2.2)若r为奇数即roundodd(X)的变化规则为:
将存储器X的第一行x=(x0,x1,x2,x3)变化到y=(y0,y1,y2,y3),有:
a0=x0+x3,a3=(x2+a0)<<<3
a2=x1+a3,a1=(x2+a2)<<<17
y 0 = &lsqb; x 0 &CirclePlus; ( a 0 + a 1 ) &rsqb; < < < &lsqb; r mod 8 &rsqb;
y 1 = x 1 &CirclePlus; &lsqb; ( a 2 + y 0 ) > > > &lsqb; r mod 8 &rsqb; &rsqb;
y 2 = &lsqb; x 2 &CirclePlus; ( a 3 + y 1 ) &rsqb; < < < 5
y 3 = x 3 &CirclePlus; &lsqb; ( a 1 + y 2 ) < < < 23 &rsqb; ;
将存储器X的第二行x=(x4,x5,x6,x7)变化到y=(y4,y5,y6,y7),有:
a4=x4+x7,a7=(x6+a4)<<<3
a6=x5+a7,a5=(x6+a6)<<<17
y 4 = &lsqb; x 4 &CirclePlus; ( a 4 + a 5 ) &rsqb; < < < &lsqb; r mod 8 &rsqb;
y 5 = x 5 &CirclePlus; &lsqb; ( a 6 + y 4 ) > > > &lsqb; r mod 8 &rsqb; &rsqb;
y 6 = &lsqb; x 6 &CirclePlus; ( a 7 + y 5 ) &rsqb; < < < 5
y 7 = x 7 &CirclePlus; &lsqb; ( a 5 + y 6 ) < < < 23 &rsqb; ;
将存储器X的第三行x=(x8,x9,x10,x11)变化到y=(y8,y9,y10,y11),有:
a8=x8+x11,a11=(x10+a8)<<<3
a10=x9+a11,a9=(x10+a10)<<<17
y 8 = &lsqb; x 8 &CirclePlus; ( a 8 + a 9 ) &rsqb; < < < &lsqb; r mod 8 &rsqb;
y 9 = x 9 &CirclePlus; &lsqb; ( a 10 + y 8 ) > > > &lsqb; r mod 8 &rsqb; &rsqb;
y 10 = &lsqb; x 10 &CirclePlus; ( a 11 + y 9 ) &rsqb; < < < 5
y 11 = x 11 &CirclePlus; &lsqb; ( a 9 + y 10 ) < < < 23 &rsqb; ;
将存储器X的第四行x=(x12,x13,x14,x15)变化到y=(y12,y13,y14,y15),有:
a12=x12+x15,a15=(x14+a12)<<<3
a14=x13+a15,a13=(x14+a14)<<<17
y 12 = &lsqb; x 12 &CirclePlus; ( a 12 + a 13 ) &rsqb; < < < &lsqb; r mod 8 &rsqb;
y 13 = x 13 &CirclePlus; &lsqb; ( a 14 + y 12 ) > > > &lsqb; r mod 8 &rsqb; &rsqb;
y 14 = &lsqb; x 14 &CirclePlus; ( a 15 + y 13 ) &rsqb; < < < 5
y 15 = x 15 &CirclePlus; &lsqb; ( a 13 + y 14 ) < < < 23 &rsqb; ;
上述,+表示mod232运算,表示mod2运算,<<<表示左循环移位,>>>表示右循环移位;
(2.3)若r为偶数(即roundeven(X))的变化规则为:
将存储器X的第一列x=(x0,x4,x8,x12)变化到y=(y0,y4,y8,y12),有:
a0=x0+x12,a3=(x8+a0)<<<3
a2=x4+a3,a1=(x8+a2)<<<17
y 0 = &lsqb; x 0 &CirclePlus; ( a 0 + a 1 ) &rsqb; < < < &lsqb; r mod 8 &rsqb;
y 4 = x 4 &CirclePlus; &lsqb; ( a 2 + y 0 ) > > > &lsqb; r mod 8 &rsqb; &rsqb;
y 8 = &lsqb; x 8 &CirclePlus; ( a 3 + y 4 ) &rsqb; < < < 5
y 12 = x 12 &CirclePlus; &lsqb; ( a 1 + y 8 ) < < < 23 &rsqb; ;
将存储器X的第二列x=(x1,x5,x9,x13)变化到y=(y1,y5,y9,y13),有:
a4=x1+x13,a7=(x9+a4)<<<3
a6=x5+a7,a5=(x9+a6)<<<17
y 1 = &lsqb; x 1 &CirclePlus; ( a 4 + a 5 ) &rsqb; < < < &lsqb; r mod 8 &rsqb;
y 5 = x 5 &CirclePlus; &lsqb; ( a 6 + y 1 ) > > > &lsqb; r mod 8 &rsqb; &rsqb;
y 9 = &lsqb; x 9 &CirclePlus; ( a 7 + y 5 ) &rsqb; < < < 5
y 13 = x 13 &CirclePlus; &lsqb; ( a 5 + y 9 ) < < < 23 &rsqb; ;
将存储器X的第三列x=(x2,x6,x10,x14)变化到y=(y2,y6,y10,y14),有:
a8=x2+x14,a11=(x10+a8)<<<3
a10=x6+a11,a9=(x10+a10)<<<17
y 2 = &lsqb; x 2 &CirclePlus; ( a 8 + a 9 ) &rsqb; < < < &lsqb; r mod 8 &rsqb;
y 6 = x 6 &CirclePlus; &lsqb; ( a 10 + y 2 ) > > > &lsqb; r mod 8 &rsqb; &rsqb;
y 10 = &lsqb; x 10 &CirclePlus; ( a 11 + y 6 ) &rsqb; < < < 5
y 14 = x 14 &CirclePlus; &lsqb; ( a 9 + y 10 ) < < < 23 &rsqb; ;
将存储器X的第四列x=(x3,x7,x11,x15)变化到y=(y3,y7,y11,y15),有:
a12=x3+x15,a15=(x11+a12)<<<3
a14=x7+a15,a13=(x11+a14)<<<17
y 3 = &lsqb; x 3 &CirclePlus; ( a 12 + a 13 ) &rsqb; < < < &lsqb; r mod 8 &rsqb;
y 7 = x 7 &CirclePlus; &lsqb; ( a 14 + y 3 ) > > > &lsqb; r mod 8 &rsqb; &rsqb;
y 11 = &lsqb; x 11 &CirclePlus; ( a 15 + y 13 ) &rsqb; < < < 5
y 15 = x 15 &CirclePlus; &lsqb; ( a 13 + y 11 ) < < < 23 &rsqb; ;
(2.4)根据步骤(2.2)和(2.3)所述变化规则计算X=round(X),X7=round7(X)和X15=round15(X),并输出计数向量t=(t0,t1)为t时的密钥流Z(t)=X+X7+X15
(2.5)将计数向量t=(t0,t1)更新为t+1,此时存储器X的状态更新为X1,重复步骤(2.1)~(2.4),即可获得计数向量t=(t0,t1)为t+1时的密钥流Z(t+1)=X1+X1 7+X1 15
将计数向量t=(t0,t1)更新为t+2,此时存储器X的状态更新为X2,重复步骤(2.1)~(2.4),即可获得计数向量t=(t0,t1)为t+2时的密钥流Z(t+2)=X2+X2 7+X2 15
……
将计数向量t=(t0,t1)更新为t+i,其中2<i<n,此时存储器X的状态更新为Xi,重复步骤(2.1)~(2.4),即可获得计数向量t=(t0,t1)为t+i时的密钥流Z(t+i)=Xi+Xi 7+Xi 15
……
将计数向量t=(t0,t1)更新为t+n,其中n为所需的密钥流个数,此时存储器X的状态更新为Xn,重复步骤(2.1)~(2.4),即可获得计数向量t=(t0,t1)为t+n时的密钥流Z(t+n)=Xn+Xn 7+Xn 15
(3)加密阶段:其中Yi为获得的密文,Xi为待加密的明文,Zi为密钥流。
2.根据权利要求1所述的密钥可变的内轮置换流密码加密方法,其特征是,上述步骤(2.5)中,输出的密钥流个数即n<264个。
CN201310099408.4A 2013-03-26 2013-03-26 密钥可变的内轮置换流密码加密方法 Expired - Fee Related CN103152171B (zh)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310099408.4A CN103152171B (zh) 2013-03-26 2013-03-26 密钥可变的内轮置换流密码加密方法

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310099408.4A CN103152171B (zh) 2013-03-26 2013-03-26 密钥可变的内轮置换流密码加密方法

Publications (2)

Publication Number Publication Date
CN103152171A CN103152171A (zh) 2013-06-12
CN103152171B true CN103152171B (zh) 2015-11-18

Family

ID=48550047

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310099408.4A Expired - Fee Related CN103152171B (zh) 2013-03-26 2013-03-26 密钥可变的内轮置换流密码加密方法

Country Status (1)

Country Link
CN (1) CN103152171B (zh)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105933111B (zh) * 2016-05-27 2019-03-22 华南师范大学 一种基于OpenCL的Bitslicing-KLEIN的快速实现方法
CN110188564B (zh) * 2019-07-09 2024-01-26 江苏亨通问天量子信息研究院有限公司 基于量子密钥加密的移动数据存储终端

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1143437A (zh) * 1994-03-14 1997-02-19 威廉·Y·肖 密钥可变的加密系统
CN1246007A (zh) * 1999-02-10 2000-03-01 河北工业大学 排列码加密解密方法及其排列码加密解密器
US20060291650A1 (en) * 2001-05-22 2006-12-28 Viswanath Ananth State-varying hybrid stream cipher
US20110069834A1 (en) * 2009-09-03 2011-03-24 Jerzy Henryk Urbanik Method and system for a symmetric block cipher using a plurality of symmetric algorithms

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1143437A (zh) * 1994-03-14 1997-02-19 威廉·Y·肖 密钥可变的加密系统
CN1246007A (zh) * 1999-02-10 2000-03-01 河北工业大学 排列码加密解密方法及其排列码加密解密器
US20060291650A1 (en) * 2001-05-22 2006-12-28 Viswanath Ananth State-varying hybrid stream cipher
US20110069834A1 (en) * 2009-09-03 2011-03-24 Jerzy Henryk Urbanik Method and system for a symmetric block cipher using a plurality of symmetric algorithms

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
一种用椭圆曲线密码构建的传感网络密钥管理方案;丁勇;《西安电子科技大学学报》;20080820;第35卷(第4期);第739-742页 *

Also Published As

Publication number Publication date
CN103152171A (zh) 2013-06-12

Similar Documents

Publication Publication Date Title
CN104301095A (zh) Des轮运算方法和电路
Kendhe et al. A survey report on various cryptanalysis techniques
Mhaibes et al. Simple Lightweight Cryptographic Algorithm to Secure Imbedded IoT Devices.
CN103152171B (zh) 密钥可变的内轮置换流密码加密方法
Alshawi et al. Improved Salsa20 stream cipher diffusion based on random chaotic maps
Yang et al. An improved AES encryption algorithm based on chaos theory in wireless communication networks
Lechtaler et al. Model design for a reduced variant of a Trivium Type Stream Cipher
Muhalhal et al. A hybrid modified lightweight algorithm for achieving data integrity and confidentiality
CN103166753B (zh) 4个非线性驱动的轻量级流密码加密方法
Rajagopal et al. Security attacks on the improved SMS4-bsk encryption transmission system
Faraoun Design of fast one-pass authenticated and randomized encryption schema using reversible cellular automata
Long et al. An improved differential fault analysis on block cipher klein-64
Li et al. Impossible meet-in-the-middle fault analysis on the LED lightweight cipher in VANETs
Deepthi et al. Cryptanalysis for reduced round Salsa and ChaCha: revisited
CN106921486A (zh) 数据加密的方法和装置
Mishra et al. A Chaotic encryption algorithm: Robustness against Brute-force attack
Mohan et al. Revised aes and its modes of operation
Hasija et al. A Performance Analysis of Root-Converging Methods for Developing Post Quantum Cryptography Algorithms to Mitigate Key-Size-Based Attacks
Diedrich et al. Comparison of Lightweight Stream Ciphers: MICKEY 2.0, WG-8, Grain and Trivium
CN114428979A (zh) 一种数据处理方法及装置、设备和系统
Kun et al. An improved AES algorithm based on chaos
Chugunkov et al. Issues of increasing the efficiency of replacement blocks for cryptoalgorithms round functions
VG et al. Implementation of lightweight cryptographic algorithms in FPGA
Al-hazaimeh et al. Analytical Approach for Data Encryption Standard Algorithm.
Ali et al. 3D Lightweight Cryptosystem Design for IoT Applications Based on Composite S-Box

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20151118

CF01 Termination of patent right due to non-payment of annual fee